Outline of Guidance for PCI DSS Scoping and Network Segmentation

To clarify scoping and network segmentation principles in PCI DSS, the PCI SSC has released additional guidance to help organizations identify which systems are considered in scope for PCI DSS assessments. This guidance was developed by industry experts and the PCI SSC Board of Advisors in …

[Webinar] Scammed: Defend Against Social Engineering Attacks

Social Engineering Webinar A-LIGN, a nationwide security and compliance solutions firm, is committed to combatting cyberattacks that utilize social engineering. On March 1, A-LIGN Partner, Gene Geiger, will host a social engineering webinar called Scammed: Defend Against Social Engineering that will educate organizations on how to protect their employees …

SOC 1 for Payroll Providers

Why are people asking my payroll company for a SOC 1 report? Payroll is one of the most commonly outsourced business functions, making SOC 1 necessary to assure clients that payments are made accurately and in a timely fashion to the necessary parties. Penalties for failing to file or …

Scott Price announced as Board Chair to FSU Department of Accounting Professional Advisory Board

The Florida State University College of Business has appointed A-LIGN Managing Partner, Scott Price, as the Board Chair to the Department of Accounting’s Professional Advisory Board (PAB). Scott Price, a certified public accountant, received his Master’s in Accountancy from Florida State University. In his time at Florida State University, Price …

Employee Spotlight: Get to Know VP of Business Development Tom Brady

In honor of Super Bowl LI this Sunday and the start of our Employee Spotlight Blog Series, we thought it would be a great opportunity to shine the light on our very own Tom Brady, VP of Business Development at A-LIGN. Although he may not be a 3x Super Bowl MVP …

Phishing 201: What are the Different Types of Phishing Attacks?

In our initial blog, Phishing 101, we covered the basics of phishing, including what phishing is and how to prevent it. Today, we will cover the different types of phishing attacks that your organization could be vulnerable to. Types of Phishing Deceptive phishing Deceptive phishing is the most common …

Social Engineering 101: What is Phishing and How do I Prevent It?

What is Phishing? Phishing is a series of communications that are sent in order to deceive individuals into providing sensitive information. Phishing can take the form of email messages, website forms, or phone calls and can be designed to reveal different information. This information can take the form of: Credit …

3 Security Trends that will Continue in 2017

With the ushering in of another new year, I find myself acting nostalgic, wondering where the previous year went and of course pondering the year ahead. Here are three security and commerce trends which will continue in 2017. Healthcare Data Breach According to the Privacy Rights Clearinghouse, healthcare data breaches …

Making the Switch from SSAE 16 to SSAE 18

When service organizations receive a SOC 1 examination, it is performed under the SSAE 16 or “Statements on Standards for Attestation Engagements 16, Reporting on Controls at a Service Organization” standard. In spring 2016, the AICPA’s Auditing Standards Board (ASB) completed the clarity project, the result of which was …

FedRAMP vs. FISMA: Choosing the Right Standard for Your Federal Clients

When pursuing federal clients or servicing existing federal clients, there are a number of unique compliance needs due to the sensitivity of the federal information. Standards such as FedRAMP and FISMA exist to create consistent security standards for organizations seeking federal agency clientele. FISMA, or the Federal Information Security Management …
